CX CSRF @ src/main/webapp/vulnerability/csrf/change-info.jsp [refs/heads/master]

**CSRF** issue exists @ **src/main/webapp/vulnerability/csrf/change-info.jsp** in branch **refs/heads/master**

*Method info=request.getParameter at line 26 of src\main\webapp\vulnerability\csrf\change-info.jsp gets a parameter from a user request from &quot;&quot;info&quot;&quot;. This parameter value flows through the code and is eventually used to access application state altering functionality. This may enable Cross-Site Request Forgery (CSRF).*

Severity: Medium

CWE:352

[Vulnerability details and guidance](https://cwe.mitre.org/data/definitions/352.html)

[Checkmarx](https://cxprivatecloud.checkmarx.net/CxWebClient/ViewerMain.aspx?scanid=1007325&projectid=1350&pathid=248)

[Training](null)
[Recommended Fix](https://cxprivatecloud.checkmarx.net/CxWebClient/ScanQueryDescription.aspx?queryID=648&queryVersionCode=56758536&queryTitle=CSRF)

Lines: 26 

---
[Code (Line #26):](null#L26)
```
   String info=request.getParameter("info");
```
---


Provide feedback

Saved searches

Use saved searches to filter your results more quickly

CX CSRF @ src/main/webapp/vulnerability/csrf/change-info.jsp [refs/heads/master] #205

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

CX CSRF @ src/main/webapp/vulnerability/csrf/change-info.jsp [refs/heads/master] #205

Description

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions